[http-state] cake and session stealing

"Thomson, Martin" <Martin.Thomson@andrew.com> Mon, 26 July 2010 17:04 UTC

From: "Thomson, Martin" <Martin.Thomson@andrew.com>
To: Adam Barth <ietf@adambarth.com>, "http-state@ietf.org" <http-state@ietf.org>
Date: Tue, 27 Jul 2010 01:01:45 +0800
Message-ID: <8B0A9FCBB9832F43971E38010638454F03EB773659@SISPE7MB1.commscope.com>
Subject: [http-state] cake and session stealing
List-Id: Discuss HTTP State Management Mechanism <http-state.ietf.org>
List-Archive: <http://www.ietf.org/mail-archive/web/http-state>

So, on consideration for this, I'm not sure that I still understand how this is going to solve the problem that you described.

An attacker that can control where you go (the URL) can equally control what cookies you get.  What am I missing here?